In an era where AI-powered cyber threats are evolving faster than ever, traditional security training approaches have failed to adequately protect organizations, leaving employees vulnerable to increasingly sophisticated attacks. The security awareness training market has long been dominated by outdated videos and quizzes that rarely translate into meaningful behavior change, resulting in costly breaches and persistent vulnerabilities. Anagram is revolutionizing this landscape as the world’s first human-driven security platform designed to embed security into everyday behavior. Through customized microlearning (the longest video is 87 seconds) combined with real-time security nudges, the platform delivers measurable behavior change, turning workforces into proactive defense systems against cyber threats. With implementations across Fortune 500 companies and reaching over 500,000 global users, Anagram has demonstrated significant impact, reducing phishing failure rates from approximately 20% to just 6%.
AlleyWatch sat down with Anagram CEO and Founder Harley Sugarman to learn more about the business, its innovative approach to cybersecurity training, and recent funding.
Who were your investors and how much did you raise?
$10M Series A led by Madrona with participation from General Catalyst, Bloomberg Beta, Operator Partners, and Secure Octane.
Tell us about the product or service that Anagram offers.
Anagram is the world’s first human-driven security platform that delivers real results. We go beyond traditional methods—like outdated videos and quizzes—by offering phishing simulations and interactive, customizable training designed to engage and educate employees. Our hands-on learning approach and immersive puzzles ensure lasting behavior change, turning your workforce into a proactive line of defense against cyber threats.
What inspired the start of Anagram?
After years of interviewing numerous CISOs, I recognized a gap in the cybersecurity training industry—there was a clear need for a paradigm shift in how training was approached.
How is Anagram different?
By blending customized microlearning with real-time security nudges, the platform drives measurable behavior change and reinforces good security habits. Anagram stands out by offering unique puzzles and training that go beyond the workplace, influencing daily behaviors and positively impacting both professional and personal lives.
What market does Anagram target and how big is it? What’s your business model?
Anagram is targeting the security awareness and human risk management market, which is a multi-billion-dollar industry and growing fast as companies realize traditional training isn’t working.
With AI-driven phishing attacks and social engineering threats rising, CISOs are actively looking for solutions that actually change employee behavior, instead of just checking a compliance box. Our primary customers are larger enterprise companies (think: Disney, Pfizer, etc.), and we’re particularly focused on highly regulated industries like finance, healthcare, and technology, where security is a top priority.
Our business model is SaaS, with companies subscribing to our platform on an annual basis. Pricing scales based on the number of users and the level of customization and integrations needed. We also offer premium features like AI-powered security nudges, which help companies continuously reinforce secure behavior in real-time.
How are you preparing for a potential economic slowdown?
We’ve been focused on building a business that’s capital-efficient from day one. One of the benefits of our sector is that security isn’t a “nice to have”—it’s a necessity, especially as AI-powered threats grow. That said, we’re staying disciplined with hiring, prioritizing product features that drive real impact, and aligning the company (including engineering, design, marketing, and sales) around two key metrics: growth and retention.
What was the funding process like?
We managed to get through the funding process relatively quickly. We had strong early traction and some incredible logos, which helped, but we were also very intentional about wanting to find a lead with a shared vision around what Human-Driven Security could be. Madrona stood out from the start — not just because of their deep experience in security and AI, but because they understood that security awareness isn’t a compliance challenge, it’s a behavioral one. Instead of focusing on completion rates, we spent our time talking about behavior change and how we could actually reduce human risk. Their conviction in our approach made them the perfect partner to lead this round.
What are the biggest challenges that you faced while raising capital?
One of the biggest challenges was convincing investors that security awareness isn’t just a checkbox—it’s a solvable problem. When we spoke to CISOs, we kept hearing that employees are the weakest link. But what really stood out was the hopelessness in their voices. They saw human risk as an unsolvable problem, something they just had to live with. Investors had heard this narrative before, and many were skeptical that a new approach could actually change behavior.
What factors about your business led your investors to write the check?
Our job was to prove that Anagram isn’t just another security training tool—it’s a fundamentally different approach that works. Investors saw three key factors that set us apart.
- First, real traction—we were already working with Fortune 500 companies and reaching over 500K employees.
- Second, measurable impact—we could show a clear reduction in security incidents, proving that our approach actually changes behavior.
- Third, a massive, underserved market—CISOs know that traditional awareness training is failing, and our platform offered a solution that actually made security stick.
What are the milestones you plan to achieve in the next six months?
Over the next six months, Anagram will continue advancing its AI-driven personalization engine to deliver even more targeted, effective training. The company is also gearing up to launch its first AI-powered security agent, which provides context-aware, real-time nudges—meeting employees where they are and helping them make smarter security decisions in the moment.
Over the next six months, Anagram will continue advancing its AI-driven personalization engine to deliver even more targeted, effective training. The company is also gearing up to launch its first AI-powered security agent, which provides context-aware, real-time nudges—meeting employees where they are and helping them make smarter security decisions in the moment.
What advice can you offer companies in New York that do not have a fresh injection of capital in the bank?
Focus on what truly moves the needle. In a market like this, efficiency matters more than ever—every dollar and every hire should be driving real impact. Prioritize customer retention and revenue-generating initiatives over nice-to-haves. If something doesn’t directly contribute to growth or product stickiness, it can wait.
Also, don’t underestimate the power of relationships. Whether it’s securing partnerships, landing key customers, or getting warm investor intros for the future, a strong network can open doors that capital alone won’t. Stay scrappy, stay focused, and keep building something that customers can’t afford to live without.
Where do you see the company going in the near term?
Over the next six months, Anagram will continue advancing its AI-driven personalization engine to deliver even more targeted, effective training. The company is also gearing up to launch its first AI-powered security agent, which provides context-aware, real-time nudges—meeting employees where they are and helping them make smarter security decisions in the moment.
What’s your favorite restaurant in the city?
Mr Chow on 57th Street.
